Mercurial Mercurial > upstream > oracle > userland-gate / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
components/bind/patches/002-RT40046.patch
branchs11u2-sru12-backport
changeset 4714 7d162a476327 
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/bind/patches/002-RT40046.patch	Wed Jul 29 10:15:50 2015 -0700
@@ -0,0 +1,38 @@
+This patch was obtained from ISC for 9.6-ESV-R11-P2. The patch can
+only be obtained from [email protected] on an as needed
+basis.
+
+--- a/CHANGES	Thu Jul 23 10:45:58 2015
++++ b/CHANGES	Thu Jul 23 10:45:58 2015
+@@ -1,3 +1,9 @@
++	--- 9.6-ESV-R11-P2 released ---
++
++4165.	[security]	A failure to reset a value to NULL in tkey.c could
++			result in an assertion failure. (CVE-2015-5477)
++			[RT #40046]
++
+ 	--- 9.6-ESV-R11-P1 released ---
+ 
+ 4006.	[security]	A flaw in delegation handling could be exploited
+diff --git a/lib/dns/tkey.c b/lib/dns/tkey.c
+index 66210d5..34ad90b 100644
+--- a/lib/dns/tkey.c
++++ b/lib/dns/tkey.c
+@@ -654,6 +654,7 @@ dns_tkey_processquery(dns_message_t *msg, dns_tkeyctx_t *tctx,
+ 		 * Try the answer section, since that's where Win2000
+ 		 * puts it.
+ 		 */
++		name = NULL;
+ 		if (dns_message_findname(msg, DNS_SECTION_ANSWER, qname,
+ 					 dns_rdatatype_tkey, 0, &name,
+ 					 &tkeyset) != ISC_R_SUCCESS) {
+diff --git version version
+index 1be3c16..2058444 100644
+--- a/version
++++ b/version
+@@ -10,4 +10,4 @@ MINORVER=6
+ PATCHVER=
+ RELEASETYPE=-ESV
+ RELEASEVER=-R11
+-EXTENSIONS=-P1
++EXTENSIONS=-P2
upstream/oracle/userland-gate